Cross-Site Scripting Flaw in Aterm WG2600HS Firmware by NEC
CVE-2021-20710
6.1MEDIUM
What is CVE-2021-20710?
The Aterm WG2600HS firmware, specifically versions 1.5.1 and earlier, contains a cross-site scripting vulnerability that enables remote attackers to inject arbitrary scripts through unspecified vectors. This flaw poses significant security risks as it can lead to unauthorized access and execution of malicious scripts in the context of users’ sessions.
Affected Version(s)
Aterm WG2600HS firmware Ver1.5.1 and earlier